[FD] [CVE-2019-7416] Client Side URL Redirect (OTG-CLIENT-004) in OpenText Documentum Webtop 5.3 SP2
- To: fulldisclosure@xxxxxxxxxxxx
- Subject: [FD] [CVE-2019-7416] Client Side URL Redirect (OTG-CLIENT-004) in OpenText Documentum Webtop 5.3 SP2
- From: Rafael Pedrero <rafael.pedrero@xxxxxxxxx>
- Date: Wed, 6 Feb 2019 07:13:49 +0100
# Exploit Title: Client Side URL Redirect (OTG-CLIENT-004) in OpenText Documentum Webtop 5.3 SP2
# Date: 17-01-2019
# Exploit Author: Rafael Pedrero
# Vendor Homepage: https://www.opentext.com/products-and-solutions/products/opentext-product-offerings-catalog/rebranded-products/documentum
# Software Link: https://www.opentext.com/products-and-solutions/products/opentext-product-offerings-catalog/rebranded-products/documentum
# Version: OpenText Documentum Webtop 5.3 SP2
# Tested on: all
# CVE : CVE-2019-7416
# Category: webapps

1. Description

OpenText Documentum Webtop 5.3 SP2 contains a client-side URL redirect (open redirect, OWASP OTG-CLIENT-004) and possibly cross-site scripting in the help page "/webtop/help/en/default.htm". The value of the startat parameter is used as a navigation target and is not restricted to the help content, so a crafted link sends the victim to an attacker-chosen URL. Whether the same sink also yields cross-site scripting depends on what the page's client-side script accepts as a target (for example, a javascript: URL); the author reports both possibilities.

2. Proof of Concept

http://X.X.X.X/webtop/help/en/default.htm?startat=http://site

Vulnerable parameter: startat. Replace X.X.X.X with the Webtop host and http://site with the destination of your choice; a browser that follows the link leaves the Webtop help and lands on that site.

3. Solution

Update to the latest version of this product. Where updating is not possible, restrict startat to relative paths inside the help directory (no scheme, no leading "//", no path traversal) and fall back to the default topic for anything else.

Reference (general guidance, not a vendor patch):
https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules

Note: Vulnerability found in 2006.
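The following is an added example, not code from the advisory or from OpenText: a client-side redirect sink of the kind reported for default.htm?startat=..., first in its vulnerable form and then hardened so that the startat value can only select a topic inside the help tree. HELP_BASE, FALLBACK_TOPIC, the function names and the sample inputs are assumptions made for this illustration.

```javascript
// Added example (not the Webtop code). HELP_BASE, FALLBACK_TOPIC and the
// function names are assumptions; the inputs exercised below are constructed.

const HELP_BASE = 'http://webtop.example/webtop/help/en/'; // assumed help root
const FALLBACK_TOPIC = 'welcome.htm';                       // assumed default topic

// Vulnerable pattern: whatever ?startat= carries becomes the navigation target.
// The return value is what `location.href = target` would load.
function vulnerableTarget(search, base = HELP_BASE) {
  const startat = new URLSearchParams(search).get('startat') || FALLBACK_TOPIC;
  // http://site, //site/x and javascript: URLs all pass straight through.
  return new URL(startat, base).href;
}

// Hardened version: resolve the value against the help root and accept it only
// if the result stays on the same origin and inside the help directory. This
// rejects absolute URLs, scheme-relative //host URLs, javascript: URLs,
// userinfo tricks (http://webtop.example@evil/) and ../ traversal out of the tree.
function safeTarget(search, base = HELP_BASE) {
  const baseUrl = new URL(base);
  const fallbackUrl = new URL(FALLBACK_TOPIC, baseUrl).href;
  const startat = new URLSearchParams(search).get('startat');
  if (!startat) return fallbackUrl;

  let resolved;
  try {
    resolved = new URL(startat, baseUrl);
  } catch (e) {
    return fallbackUrl; // unparsable input
  }
  if (resolved.origin !== baseUrl.origin) return fallbackUrl;              // left the site
  if (!resolved.pathname.startsWith(baseUrl.pathname)) return fallbackUrl; // left the help tree
  if (resolved.pathname === baseUrl.pathname) return fallbackUrl;          // directory, not a topic
  return resolved.href;
}

// Compare both sinks on the advisory's PoC value and a few constructed variants.
const SAMPLES = ['http://site', '//evil.example/x', 'javascript:alert(1)',
                 '../../../login.jsp', 'intro.htm', 'topics/search.htm#anchor'];
for (const v of SAMPLES) {
  console.log(`startat=${v}\n  vulnerable -> ${vulnerableTarget('?startat=' + v)}\n  hardened   -> ${safeTarget('?startat=' + v)}`);
}
```

Resolving with the URL parser before checking, rather than matching the raw string, is what makes the check robust: backslashes, percent-encoded dot segments and authority tricks are normalised the same way the browser will normalise them when it navigates, so the origin and path comparison sees exactly the destination the user would reach.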
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/